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Amendments To The Claims 

The listing of claims presented below will replace all prior versions, and 
listings, of claims in the application. 
Listing of claims: 

1 . (original) A network security system, comprising a firewall arranged between 
an internal network and an external network, said firewall comprises a first port 
configured at the internal network oriented side of the firewall and a second port 
configured at the external network oriented side of the firewall; wherein 

the network security system further comprises a trusted node arranged 
between the firewall and the external network, which is used to provide a data 
channel between the internal network and external network, and fonA^ard the data 
transported between the internal network and external network; and the trusted node 
comprises a media-stream receiving port used to converge the data from the second 
port. 

2. (original) The network security system according to claim 1, wherein the 
trusted node further comprises a data forward unit, which is used to fonA/ard the data 
transported between the internal network and the external network, a signaling 
channel selection unit, which is used to select signaling transmission channel for 
transmitting the data so as to implement the convergence of signaling, a call channel 
selection unit, which is used to select a media-stream receiving port in the trusted 
node for communicating with the internal network, and a control unit, which is used 
to control the operations of all the other units. 

3. (currently amended)The network security system according to claim 1-0*^, 
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wherein the trusted node is designed to support H.323 protocol. 

4. (new) The network security system according to claim 2, wherein the trusted 
node is designed to support H.323 protocol. 

4 5. (currently amended) The network security system according to claim 4-Gf 2. 
wherein the signaling channel selection unit adopts Q931 channel for transmitting 
signaling. 

&6. (currently amended) A network security method of realizing secure 
communication between the internal network and the external network by utilizing a 
network security system, said network security system comprises a firewall arranged 
between the internal network and the external network, a first port and a second port 
configured at the both sides of the firewall, and a trusted node arranged between the 
firewall and the external network; and the trusted node comprises a media-stream 
receiving port; wherein the network security method comprises the following steps of: 

A. establishing a call connection between the internal network and the external 
network by means of the trusted node; 

B. selecting a media-stream receiving port for communicating with the internal 
network in the trusted node; 

C. the trusted node forwarding the data transported between the internal network 
and the external network, and at the same time, converging the data from the 
second port by the selected media-stream receiving port. 

& 7. (currently amended) The network security method according to claim & 6, 
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wherein the Step B comprises the following: 

B1. Open Logical Channel signaling being transmitted by the internal network to 
the trusted node; 

82. the trusted node informing the internal network of the selected media-stream 
receiving port; 

B3. the trusted node transmitting Open Logical Channel signaling to the external 
network to establish a corresponding channel. 

7 8. The network security method according to claim S 6, wherein the Step C 
comprises the following: 

C1. the selected media-stream receiving port of the trusted node receiving all 
the data from the internal network, and fonA^arding the data to the external network; 

C2. the selected media-stream receiving port of the trusted node forwarding 
the data transmitted by the external network to the internal network. 

% 9. The network security method according to claim ^ 6, wherein the Step A 
comprises a step of selecting Q931 channel for transmitting signaling. 

8 10. The network security method according to of any on e of claim 5 to 8 6. further 
comprises a step of implementing load balance among a plurality of trusted nodes 
when the data are fonA^arded. 

1 1 . (new) The network security method according to claim 7, further comprises a 
step of implementing load balance among a plurality of trusted nodes when the data 
are forwarded. 



Page 7 of 8 



DOCKET: CU-4908 



12. (new) The network security method according to claim 8, further comprises a 
step of implementing load balance among a plurality of trusted nodes when the data 
are fonA^arded. 

13. (new) The network security method according to claim 9. further comprises a 
step of implementing load balance among a plurality of trusted nodes when the data 
are fon/varded. 
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